#49 Put file exception: ArrayIndexOutOfBound

open
nobody
None
9
2011-02-08
2010-12-16
boyforeyes
No

Hi,

I'm using Jsch v.0.1.44. My scenario is:
- Read a file content to a byte array.
- Sign & encrypt the byte array.
- Send the result above (signed & encrypted) to SFTP server using method ChannelSftp.put(InputStream is, String dst).

Here are some test cases I did and results:
1. File with any of size: no sign & encrypt --------> no error.
2. File size ~20KB: sign & encrypt with/without ARMOR option ----------> no error.
3. File size ~128KB (or bigger): sign & encrypt with ARMOR option ---------> no error.
4. File size ~128KB (or bigger): sign & encrypt without ARMOR option -------> got ArrayIndexOutOfBoundException.

For #4, after running some debug sessions; at the transfer stage, I found a bug in IO class (line #59):

1: public void put(Packet p) throws IOException, java.net.SocketException {
2: out.write(p.buffer.buffer, 0, p.buffer.index);
3: out.flush();
4: }
The exception is thrown out by line #2 because p.buffer.buffer's length (often 65536, which is initiated from maximum server packet size after negotiation, I think) is smaller than p.buffer.index (in my case, it always has value 65556). Dig deeper a bit, I found that after the method encode(Packet packet) (Session class) is called, the p.buffer.index value is changed. But it's strange that the exception only occurs at the #4 case, others are ok even with very big file.

I tried to downgrade to Jsch 0.1.43 and 0.1.42 but the error is still there. Could you please have a look at this?

In the mean time, I'll also try to debug more myself and get back if I found something useful.

P/S: My development environment is: Jdk1.6.0 update 20, SFTP server WinSSHD 5.21

Regards,

Steven Nguyen

Related

Bugs: #82

Discussion

  • boyforeyes

    boyforeyes - 2010-12-17

    I did one more test case with .pgp file content and get the same exception. I signed and encrypted a file (size ~65KB then) with a third party key tool (WinPT); then I renamed it to some other types (.pdf, .txt, for example). The exception was thrown out when I sent the file to my SFTP server.

     
  • boyforeyes

    boyforeyes - 2010-12-20

    Update: when I sent a .pgp file with HMAC-MD5 and HMAC-MD596, there was no error, but when I used HMAC-SHA1 and HMAC-SHA196, the error occurred again. I think there's a bug in those classes, at least in calculating HMAC with .pgp file. Could you please double check the classes? Are they implemented properly? Thanks in advance.

     
  • boyforeyes

    boyforeyes - 2011-02-08

    I did many test cases and found an important bug that affects all Jsch-0.1.4.x versions. I think it's the root cause of my problem. I think it concerns the JZlib library.
    By default, SSH data packets are not compressed (I can see that compression.c2s and compression.s2c are set to "none" in Jsch config) while transferred between SFTP client and server. Now I want to use some compression algorithm (zlib, for example); I set the compression.s2c and compression.c2s to "zlib,none" to the session config. When running, the negotiation between SFTP client and server will choose zlib (first preferred algorithm) as the packet compression algorithm. But it's failed when running with this setting (lead to ArrayIndexOutOfBoundException). I did the test cases with my test files as above. I'm sorry that I cannot attach my test files, it always error after uploading file to sourceforge.
    In summary, running with a compression and a large .pgp (not sure with binary) file will lead to the exception. With small binary file or small/large ASCII file will be OK. Now, to by-pass the exception; I have to set the compression.c2s and compression.s2c to a string lead by "none" ("none"; "none,zlib"; "none,zlib,zlib@openssh.com") so that the "none" will be chosen in the negotiation step.
    Could you please have a look at the Jzlib library? Please confirm that Jsch can use compression algorithm in transferring large .pgp (binary) file.

     
  • boyforeyes

    boyforeyes - 2011-02-08
    • priority: 5 --> 9
     

Log in to post a comment.